
Robert Rockstroh

Cranebrook, NSW

Summary

Experienced Cyber Security Incident Response Lead with 15+ years in ICT, specialising in incident response, infrastructure and security optimization. Strong technical acumen, leadership, and strategic planning skills. Adept at solving complex problems, mentoring teams, and driving innovative solutions with automation, workflows, and strategic planning.

Overview

19 years of professional experience

Work History

Cyber Security Incident Detection & Response Lead

Tyro Payments
03.2024 - Current
  • Audit Preparation
  • Monthly Metrics
  • Staff managerial activities & enablement
  • Monitor SIEM dashboards & analyse cyber threats across endpoint, server, and cloud
  • Conduct Cyber Threat Intelligence (CTI) and hunting using OSINT & closed-source feeds.
  • Develop playbooks & oversee use case development.
  • Collaborate with industry counterparts.
  • Leadership & Mentoring

Cyber Incident Responder & Threat Intel Manager

Qantas
01.2020 - 03.2024
  • Monitor SIEM dashboards & analyse cyber threats across endpoint, server, and cloud.
  • Conduct Cyber Threat Intelligence (CTI) and hunting using OSINT & closed-source feeds
  • Develop playbooks & oversee use case development.

Senior CSIRT Consultant

Verizon
06.2019 - 12.2019
  • Provided high-level CSIRT consultancy for enterprise clients.
  • Implemented continuous improvement strategies for security operations.
  • Mentored junior staff & advised on attack vectors.

CSIRT Analyst

Commonwealth Bank
11.2016 - 06.2019
  • Company Overview: (10+ years with CBA)
  • Conducted SIEM investigations & tuned detection rules
  • Performed forensic memory & disk analysis for malware investigations.
  • Developed & optimized automated threat detection use cases
  • Engaged in high-priority incident response with business stakeholders.

Cyber Security Centre Analyst

Commonwealth Bank of Australia
12.2015 - 11.2016
  • Triaged security alerts & escalated incidents to response teams
  • Investigated IDS alerts & phishing attempts.
  • Managed vendor relationships & security tool maintenance

Security Analyst

Commonwealth Bank of Australia
12.2010 - 12.2015
  • Managed web proxy & email security governance
  • Conducted log analysis for security improvements.
  • Led security change management initiatives.

Service Desk Analyst

Commonwealth Bank of Australia
09.2008 - 12.2010
  • Provided Level 1 & 2 technical support for internal business units.
  • Managed multiple incident queues & met strict KPIs.

Service Desk Analyst

Telstra Bigpond
01.2007 - 09.2008
  • Provided technical support for internet connectivity issues.
  • Trained & mentored new employees.

Education

GED -

TAFE NSW
NSW
12-1999

Skills

  • Cybersecurity incident response
  • Digital forensics
  • Cyber threat intelligence
  • SIEM solutions (Splunk, Exabeam)
  • Threat hunting
  • Endpoint detection and response
  • Network security
  • Firewall management
  • Intrusion detection systems
  • Intrusion prevention systems
  • Proxy configuration
  • Email security protocols
  • MITRE ATT&CK framework application
  • Use case development
  • Stakeholder management strategies
  • AI tools (ChatGPT, Gemini, Copilot)

Certifications And Education

  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • ITIL V3 Certified
  • Bluecoat Certified Proxy Administrator (BCCPA)
  • SANS Security Essentials Bootcamp (SEC401)
  • Studying: GIAC Cloud Threat Detection (GCTD)

Projects & Leadership


**Phishing Investigation Automation**

Designed and deployed logic to automate phishing triage using Proofpoint TAP/TRAP results and ChatGPT. Built logic to assess inbox dwell time and detect whether malicious emails had been contained before user interaction. Dramatically reduced manual investigation time and improved MTTR.

**Vulnerability Management Enrichment App**

Built a Python-based app using ChatGPT to assess CVE exploitability and applicability based on CVSS data, environment context, and threat landscape. Improved patch prioritization for security and infrastructure teams.

**AI-Powered CVE Analysis**

Developed a second Python tool to query OpenAI and summarize CVEs with contextual relevance to internal assets. Enabled the team to understand obscure vulnerabilities and prioritize patching with confidence.

**Business Support via Power Automate**

Created a Microsoft Power Automate workflow to manage gift register submissions, freeing up compliance staff from manual processes. Demonstrated proactive support of business functions outside cyber remit as part of Lean In objectives.

**Leadership in Agile & Collaboration Tools**

Regularly use Jira and Confluence to document security playbooks, manage sprints, and drive continuous improvement. Established transparent and efficient collaboration processes with stakeholders across IT and business units.
